package com.code.shiro.config;

import com.code.shiro.user.service.UserService;
import com.code.wanmi.entity.wm_user.WmSysRole;
import com.code.wanmi.entity.wm_user.WmSysUser;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.HashSet;
import java.util.Set;

public class UserRealm extends AuthorizingRealm {
    private static final Logger LOGGER = LogManager.getLogger(UserRealm.class);

    @Autowired
    private UserService userService;
    /**
     * 大坑！，必须重写此方法，不然Shiro会报错
     */
    @Override
    public boolean supports(AuthenticationToken token) {
        return token instanceof JWTToken;
    }
    //授权
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("执行了授权方法");
        //获取用户登录username
       Long userId = JWTUtil.getUserId(principalCollection.toString());
        System.out.println(userId);
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        System.out.println(userService.getRoleNameByUserId(userId));
        //设置用户角色(从数据库查询角色)
        Set<String> roleNames = new HashSet<>();
        Set<WmSysRole> roles = userService.getRoleNameByUserId(userId);
        for (WmSysRole role : roles) {
            roleNames.add(role.getRoleName());
        }
        info.setRoles(roleNames);

        //可拿到认证拦截器传递的admin对象
//        Subject subject = SecurityUtils.getSubject();
//        Admin admin = (Admin)subject.getPrincipal();
        //添加权限
//        Set<String> permission = new HashSet<>(Arrays.asList(user.getPermission().split(",")));
//        info.addStringPermissions(permission);

        return info;
    }
    //认证
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println("执行了认证方法");
        //用户名密码去数据库中取
//        String username = "root";
//        String password = "root";
//        Admin admin = new Admin();
//        admin.setAdminname(username);
//        admin.setPassword(password);
        //获取login时的UsernamePasswordToken对象，该对象是全局的
//        UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) authenticationToken;
//        System.out.println(usernamePasswordToken.getUsername());
//        Staffinfo staffinfo = staffinfoMapper.selectStaffinfoByUserName(usernamePasswordToken.getUsername());
//        if(staffinfo==null) {
//            return null;//shiro会自动抛出异常UnknownAccountException
//        }
        //密码认证shiro会自动完成（涉及了安全认证）
//        return new SimpleAuthenticationInfo(staffinfo,staffinfo.getStapassword(),"");


        String token = (String) authenticationToken.getCredentials();
        // 解密获得username，用于和数据库进行对比
        String username = JWTUtil.getUsername(token);
        Long userid = JWTUtil.getUserId(token);
        WmSysUser wmSysUser1 = new WmSysUser();
        wmSysUser1.setLoginName(username);
        wmSysUser1.setUserId(userid);
        WmSysUser wmSysUser = userService.selectUserByIdAndLoginName(wmSysUser1);
//        Staffinfo adminByuserName = iRoleService.getAdminByuserName(username);
//        System.out.println(adminByuserName);
        if (username == null||userid == null) {
            throw new AuthenticationException("User didn't existed!");
        }
        if (! JWTUtil.verify(token, wmSysUser.getLoginName(), wmSysUser.getPassword())) {
            throw new AuthenticationException("Username or password error");
        }
//
       return new SimpleAuthenticationInfo(token, token, username);
      //  return null;
    }


}
